Ipsec configuration examples, Network requirements, Configuring device a – H3C Technologies H3C SecPath F1000-E User Manual
Page 205
193
IPsec configuration examples
Manual mode IPsec tunnel for IPv4 packets configuration
example in the Web interface
Network requirements
As shown in
, configure an IPsec tunnel between Device A and Device B to protect traffic
between subnet 10.1.1.0/24 and subnet 10.1.2.0/24. Configure the tunnel to use the security protocol
ESP, the encryption algorithm DES, and the authentication algorithm SHA-1. Enable IPsec RRI on Device
A and specify the next hop as 2.2.2.2.
Figure 120 Network diagram
Configuring Device A
# Assign IP addresses for the interfaces and then add them to target zones. (Details not shown.)
# Define ACL 3101 to permit packets from subnet 10.1.1.0/24 to subnet 10.1.2.0/24.
Select Firewall > ACL from the navigation tree, click Add, and then perform the configurations shown
in
Figure 121 Create ACL 3101
•
Enter 3101 as the ACL number.
•
Select the match order of Config.
•
Click Apply.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS